[Chugalug] Curl and client SSL certs
jnylen at gmail.com
Wed Mar 6 20:11:12 UTC 2013
I haven't done this before, but the man page of curl is somewhat confusing
regarding --cert and --key together.
Try this (it looks like it worked here
cat test.crt test.key > test.pem
curl --cert test.pem https://someweb.site
Are the cert and key files PEM? If not, it looks like you'll need
--cert-type and/or --key-type.
On Wed, Mar 6, 2013 at 2:58 PM, Stephen Haywood <
stephen at averagesecurityguy.info> wrote:
> I am trying to access a web site with a client side cert using the Curl
> command, curl --cert test.crt --key test.key https://someweb.site. Curl
> returns this error message: curl: (58) unable to use client certificate (no
> key found or wrong pass phrase?). I have verified that the cert and key go
> together using openssl x509 -noout -modulus -in test.crt | openssl md5and openssl
> rsa -noout -modulus -in test.key | openssl md5, which both return the
> same MD5 sum. I have also verified the key does not have a passphrase using openssl
> rsa -in test.key -out test_nopw.key, which did not request a password.
> Any thoughts on what may be happening? Am I missing something obvious?
> Stephen Haywood
> Information Security Consultant
> CISSP, GSEC, OSCP
> T: @averagesecguy
> W: averagesecurityguy.info
> Chugalug mailing list
> Chugalug at chugalug.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chugalug